Vulnerabilities > Fedoraproject > Fedora > 35

DATE CVE VULNERABILITY TITLE RISK
2022-11-22 CVE-2022-3500 A vulnerability was found in keylime.
local
high complexity
keylime redhat fedoraproject
5.1
5.1
2022-11-18 CVE-2021-33621 Injection vulnerability in multiple products
The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting.
network
low complexity
ruby-lang fedoraproject CWE-74
8.8
8.8
2022-11-10 CVE-2022-45063 Command Injection vulnerability in multiple products
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh.
network
low complexity
invisible-island fedoraproject CWE-77
critical
 9.8
9.8
2022-11-09 CVE-2022-23824 IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
local
low complexity
xen amd fedoraproject
5.5
5.5
2022-11-09 CVE-2022-45061 Algorithmic Complexity vulnerability in multiple products
An issue was discovered in Python before 3.11.1.
network
low complexity
python fedoraproject netapp CWE-407
7.5
7.5
2022-11-09 CVE-2022-45059 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. 		7.5
7.5
2022-11-09 CVE-2022-45060 An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. 7.5
7.5
2022-11-08 CVE-2022-3821 An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c.
local
low complexity
systemd-project redhat fedoraproject
5.5
5.5
2022-11-08 CVE-2022-39377 sysstat is a set of system performance tools for the Linux operating system.
local
low complexity
sysstat-project debian fedoraproject
7.8
7.8
2022-11-07 CVE-2022-42920 Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics.
network
low complexity
apache fedoraproject
critical
 9.8
9.8